ssl cert store update and self-signed cert support

2021-12-14 18:12:08 +01:00
parent 6c7e6787b1
commit 4e6e48dc52
3 changed files with 31 additions and 36 deletions
--- a/docker-compose/prometheus-grafana/docker-compose.yml
+++ b/docker-compose/prometheus-grafana/docker-compose.yml
@@ -1,4 +1,3 @@
---
 version: '3'

 volumes:
@@ -21,7 +20,7 @@ services:
      - "--config.file=/etc/prometheus/prometheus.yml"

  grafana:
-    image: grafana/grafana:latest
+    image: grafana/grafana-oss:latest
    container_name: grafana
    ports:
      - "3000:3000"
--- a/docker-compose/traefik/config/traefik.yml
+++ b/docker-compose/traefik/config/traefik.yml
@@ -37,36 +37,37 @@ entryPoints:
  websecure:
    address: :443

-# Certificates configuration
-# ---
-# TODO: Custmoize your Cert Resolvers and Domain settings
-# 
-certificatesResolvers:
-# LET'S ENCRYPT:
-# ---
-# 
-  staging:
-    acme:
-      email: your-email@example.com  # TODO: Change this to your email
-      storage: /ssl-certs/acme.json
-      caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
-      httpChallenge:
-        entryPoint: web
-  production:
-    acme:
-      email: your-email@example.com  # TODO: Change this to your email
-      storage: /ssl-certs/acme.json
-      caServer: "https://acme-v02.api.letsencrypt.org/directory"
-      httpChallenge:
-        entryPoint: web
-
-# Provider Configuration
-# ---
-# TODO: Customize your Provider Settings if needed
-# 
-providers:
-# DOCKER:
+# Configure your CertificateResolver here...
 # ---
+# certificatesResolvers:
+#   staging:
+#     acme:
+#       email: your-email@example.com
+#       storage: /etc/traefik/certs/acme.json
+#       caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
+#       httpChallenge:
+#         entryPoint: web
 #
+#   production:
+#     acme:
+#       email: your-email@example.com
+#       storage: /etc/traefik/certs/acme.json
+#       caServer: "https://acme-v02.api.letsencrypt.org/directory"
+#       httpChallenge:
+#         entryPoint: webproviders:
+
+# (Optional) Overwrite Default Certificates
+# tls:
+#   stores:
+#     default:
+#       defaultCertificate:
+#         certFile: /etc/traefik/certs/cert.pem
+#         keyFile: /etc/traefik/certs/cert-key.pem
+
+providers:
  docker:
    exposedByDefault: false  # Default is true
+  file:
+    # watch for dynamic configuration changes
+    directory: /etc/traefik
+    watch: true
--- a/docker-compose/traefik/docker-compose.yml
+++ b/docker-compose/traefik/docker-compose.yml
@@ -1,9 +1,5 @@
 version: '3'

-volumes:
-  traefik-ssl-certs:
-    driver: local
-
 services:
  traefik:
    image: "traefik:v2.5"
@@ -15,5 +11,4 @@ services:
      - "8080:8080"  # Don't do this in production!
    volumes:
      - /etc/traefik:/etc/traefik
-      - traefik-ssl-certs:/ssl-certs
      - /var/run/docker.sock:/var/run/docker.sock:ro